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DETAILED ACTION 

Claims 1-22, 24-32 are pending. 

Below, Examiner has pointed out particular references contained in the prior 
art(s) of record in the body of this action for the convenience of the applicant. Although 
the specified citations are representative of the teachings in the art and are applied to 
the specific hmitations within the individual claims, other passages and figures may 
apply as well. Apphcant should consider the entire prior art as applicable as to the 
hmitations of the claims. It is respectfully requested from the applicant, in preparing 
the response, to consider fiiUy each reference in its entirety as potentially teaching all or 
part of the claimed invention, as well as the context of the passage as taught by the prior 
arts or disclosed by the examiner. 

Continued Examination Under 37 CFR 1.114 

A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this apphcation after final rejection. Since this 
application is ehgible for continued examination under 37 CFR 1.114, and the fee set 

forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has 
been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 10/06/2008 
has been entered. 

Claim Rejections - 35 USC §102 

The follovdng is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form 
the basis for the rejections under this section made in this Office action: 
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A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed pubhcation in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

1. Claims 1-19, 24, 25, 27-32 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Gennaro et al. (US 6,317,834), hereafter "Gennaro". 

Considering Claims 1, 7 and 10, Gennaro discloses an information providing 
device (abstract) comprising: a provider association unit making a plurality of 
information providers (Fig. 4B- item 28, item 30, item 32), including first and second 
information providers (Fig. 4B- item 30 and item 32), be associated with each other 
(Fig. 4B- item 42), the plurality of information providers providing respective user 
information items (column 7- lines 16-39), the provider association unit comprising: a 
first unit causing the first information provider to receive a first user information item 
(Fig. 6- item 74, item 82, column 8- lines 9-24), stored in a first information 
management unit (Fig. 4A, column 6- lines 4-8), in response to a user information 
receiving request (column 7- lines 8-9); a second unit causing the second information 
provider to receive a second user information item (Fig. 6- item 90, column 7- lines 34- 
37), correlated with the first user information item and stored in a second information 
management unit (Fig. 3, column 5- hues 46-54), in response to a predetermined 
identification data (column 8- lines 24-32); and a third unit configured to generate an 
authentication ticket including data indicating at least one of an authentication provider 
name, a term of validity of the ticket, an authentication domain name, and user 
attributes by combining the first user information item and the second user information 
item based on the predetermined identification data (column 8- lines 37-47, the 
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statistical equivalence is deemed valid if it exceeds a certain threshold), an interface 
configured to transmit the authentication ticket to a computer remote from the 
information providing device via a network (Fig. 9- item 866, column 11- hues 44-52, an 
acknowledgement including a "fail" or "success" is needed to inform a user of his 
authorization to the database). 

Considering Claims 12, 24, 25, 27, and 31, Gennaro discloses a user 
authentication device (abstract) comprising: a provider association unit which makes a 
plurality of authentication providers (Fig. 4B- item 28, item 30, item 32), including first 
and second authentication providers (Fig. 4B- item 30 and item 32), be associated with 
each other (Fig. 4B- item 42), the provider association unit comprising: a first unit 
causing the first authentication provider to perform, in response to a first authentication 
request, a first user authentication based on a first user identification data that is 
specified in the first authentication request (column 8- hnes 9-32, Fig. 6); and a second 
unit causing the second authentication provider to perform, in response to a second 
authentication request related to a user approved by the first user authentication, a 
second user authentication based on a second user identification data that is correlated 
with the first user identification data (column 8- lines 32-47, Fig. 6). 

Considering Claims 2, 8, and 11, Gennaro discloses the user information 
receiving request contains retrieval conditions specified therein, and the provider 
association unit causes the first and second information providers to respectively receive 
the first and second user information items that satisfy the retrieval conditions 
(Gennaro-Fig. 4B, column 7- lines 8-21). 
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Considering Claims 3 and 9, Gennaro discloses the provider association unit is 
provided to unify the information items received by the first and second information 
providers for every user (Gennaro-column 8- hues 37-47, Fig. 4B- item 42). 

Considering Claims 4 and 13, Gennaro discloses the user authentication device 
further comprises the first authentication provider and the second authentication 
provider (Gennaro-Fig. 3, Fig 4B). 

Considering Claims 5, 16, and 29, Gennaro discloses the user authentication 
device further comprises: a first-authentication-provider information management unit 
managing a first-authentication-provider identification data which identifies the first 
authentication provider fi-om among the plurality of authentication providers (Gennaro- 
Fig. 3- item 330, column 7- lines 7-12); and a second-authentication-provider 
information management unit managing a second-authentication-provider 
identification data v^hich identifies the second authentication provider from among the 
plurality of authentication providers (Gennaro-Fig. 3- item 330, column 7- lines 35-45). 

Considering Claims 6, 17, and 30, Gennaro discloses the user authentication 
device fiirther comprises a call information management unit in which a plurality of call 
information items used to call the plurality of authentication providers respectively are 
recorded (Gennaro-Fig. 3- item 340), and the provider association unit causes the first 
and second authentication providers to perform the first and second user 
authentications respectively by calling the first and second authentication providers 
based on the call information management unit (Gennaro-column 5- hues 17-38). 

Considering Claims 14, 15, 28, and 32, Gennaro discloses the provider 
association unit further comprises a user-identification management unit in which the 
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first user identification data and the second user identification data are correlated to 
each other and recorded (Gennaro-Fig. 3- item 330), and the provider association unit is 
provided to search for the second user identification data in the user-identification 
management unit based on the first user identification data (Gennaro-column 5- hues 
17-23, column 7- lines 7-21). 

Considering Claim 18, Gennaro discloses the first authentication provider 
creates a first electronic ticket which certifies approval of the user by the first 
authentication provider (Gennaro-column 7- lines 17-37), the second authentication 
provider creates a second electronic ticket which certifies approval of the user by the 
second authentication provider (Gennaro-column 7- hues 37-50), and the user 
authentication device provides information containing the first electronic ticket 
(Gennaro-column 7- lines 17-37), in response to the first authentication request and 
provides information containing the second electronic ticket, in response to the second 
authentication request (Gennaro-column 7- lines 37-50). 

Considering Claim 19, Gennaro discloses the provider association unit creates a 
merge ticket in which the first electronic ticket and the second electronic ticket are 
unified (Gennaro- Fig. 6- item 92 and item 94), and the user authentication device 
provides a first merge ticket in which the first electronic ticket is unified (Gennaro-Fig. 
6- item 84), in response to the first authentication request (Gennaro-Fig. 6- item 82), 
and provides a second merge ticket in which the second electronic ticket is unified 
further (Gennaro-Fig. 6- item 92), in response to the second authentication request 
(Gennaro-Fig. 6- item 90). 
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2. Claims 20-22 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Geimaro in view of Wheeler (US 2002/0026575), hereafter "Wheeler". 

Considering Claims 20-22, Gennaro does not explicitly disclose the user 
authentication device provides the merge ticket which is encoded, contains a term of 
validity, contains a code for ticket falsification check. 

Wheeler discloses the user authentication device provides the merge ticket which is 
encoded (Wheeler- [0004]), contains a term of validity (Wheeler- [0007]- expiration 
date, contains a code for ticket falsification check (Wheeler- [0007]- serial number). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to modify the teachings of Gennaro the user authentication 
device provides the merge ticket which is encoded, contains a term of validity, contains a 
code for ticket falsification check as taught by Wheeler for the benefit of increasing the 
strength of authentication based upon the specific resource being protected. For 
example, if the resource is a parking deck, only a minimal level of entity authentication 
is necessary; if the resource is a corporate checking account, stronger entity 
authentication is likely required; if the resource is the control system for launching 
nuclear warheads, even stronger entity authentication is required (Wheeler- [0161]). 

3. Claim 26 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Gemiaro. 

Considering Claim 26, Gennaro does not explicitly disclose the provider 

association unit is provided with a call ftinction using a remote procedure call of SOAP. 
Gennaro is silent on an exact protocol used to generate call function. SOAP is a widely 
recognized protocol for exchanging messages over multiple computers. Therefore, it 
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would have been obvious to one of ordinary skill in the art at the time of the invention to 
modify the teachings of Gennaro to provide remote procedure calls using SOAP as was 
widely known in the art for the benefit of facilitating communication between computers 
while allowing the use of multiple transport protocols such as HTTP, TCP, and SNMP. 



Response to Arguments 

Apphcant's arguments filed 10/06/2008 have been fully considered but they are 
not persuasive. 

Regarding Claim 1, apphcant's arguments have been fully considered but are not 

persuasive. With respect to apphcant's arguments that Gennaro fails to teach generate 

an authentication ticket including data indicating at least one of an authentication 

provider name, a term of validity of the ticket, an authentication domain name, and 

user attributes by combining the first user information item and the second user 

information item based on the predetermined identification data, applicant is directed 

to Gennaro - column 8- hues 37-47, the statistical equivalence is deemed valid if it 

exceeds a certain threshold. Gennaro discloses: 

"the system will attempt to match the provided identifier with personal 
identifiers stored as part of each biometric record. Step 78 is a decision step to 
determine whether biometric record was found with a matching personal 
identifier. If not, the authorization session terminates at step 79 where the 
individual cannot be verified and his authorization status is declared as "failed". 
Otherwise, if a matching biometric record is found, the encrypted biometric 
model, E.sub.k (T), will be retrieved. At step 82, an individual is further 
prompted by the system to provide a password (P'). At step 84, the system will 
create a decryption key (k') from the password (P'). At step 86, the decryption key 
(k') is used in conjunction with a standard decryption algorithm to attempt to 
decrypt the retrieved biometric record. Step 88 is a decision step to determine 
whether the decryption was successful... At step 90, the individual is further 
prompted to provide a current biometric sample (S'). The sample type must 
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correspond to the sample provided at enrollment. At step 92, the provided 
sample is compared with tiie decrypted biometric model (T) for statistical 
equivalence. A statistical equivalence score is generated from the comparison. 
The lower the computed score the higher the statistical equivalence. Step 93 is a 
decision step to determine if the computed score is acceptable." 

Therefore, Gennaro at least teaches the generation of an authentication ticket (i.e. a 
score used to determine authentication) including at least one of a term of validity of the 
ticket (i.e. if the score exceeds a certain threshold, the ticket is valid) by combining the 
first user information and the second user information (i.e. password and biometric 
record). 

Conclusion 

Any inquiry concerning this communication or earher communications from the 
examiner should be directed to Randal D. Moran whose telephone number is 571-270- 
1255. The examiner can normally be reached on M-F: 7:00 - 4:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this apphcation or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Apphcation Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/R. D. M./ 

Examiner, Art Unit 2435 
12/30/2008 

/KimYenVu/ 

Supervisory Patent Examiner, Art Unit 2435 



